02-22-2013 07:29 AM - edited 03-11-2019 06:04 PM
We have a firewalled segment on an ASA. There are both wired and wireless systems on this segment. We're having an issue where the wireless hosts cannot connect to the wired hosts. Based on the logs, it looks like the traffic from the wireless hosts is trying to go out of the firewall, even though they are on the same IP subnet:
%ASA-4-106023: Deny udp src Skylight:10.157.22.53/64529 dst Inside:10.157.22.51/53 by access-group "Skylight_in" [0x0, 0x0]
I'm not entirely sure that this is a firewall issue, but since I'm seeing this behavior behind the ASA, I figured I'd start here.
Any thoughts?
Thanks.
Jason
02-22-2013 08:02 AM
Hi,
Not really familiar with Wireless setups.
The log seems to indicate that the traffic is coming from behind the "Skylight" interface and is heading for a network behind "Inside" interface and is getting blocked by the interface ACL.
Is the user traffic supposed to be coming from behind the "Skylight" interface or "Inside"?
- Jouni
02-22-2013 08:04 AM
Actually, I figured it out. Proxy ARP was enabled on the interface. Once I disabled it (noproxyarp), it fixed my problem.
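For anyone triaging the same symptom, here is an added example (not part of any post in this thread) that scans ASA syslog for 106023 denies where source and destination sit in the same subnet but are logged on different interfaces, as in the line quoted above. The /24 prefix and every sample line other than the first are assumptions made for illustration.

```python
import ipaddress
import re

# Matches the tcp/udp form of %ASA-4-106023 shown in the thread.
DENY_RE = re.compile(
    r"%ASA-4-106023: Deny (?P<proto>\S+) "
    r"src (?P<src_if>[^:\s]+):(?P<src_ip>[\d.]+)/(?P<src_port>\d+) "
    r"dst (?P<dst_if>[^:\s]+):(?P<dst_ip>[\d.]+)/(?P<dst_port>\d+) "
    r'by access-group "(?P<acl>[^"]+)"'
)

# Assumption: the thread does not give the mask, so a /24 is used here.
SEGMENTS = [ipaddress.ip_network("10.157.22.0/24")]

# First line is from the thread; the other two are constructed samples.
SAMPLE = [
    '%ASA-4-106023: Deny udp src Skylight:10.157.22.53/64529 dst Inside:10.157.22.51/53 by access-group "Skylight_in" [0x0, 0x0]',
    '%ASA-4-106023: Deny tcp src Outside:198.51.100.7/40112 dst Inside:10.157.30.10/22 by access-group "Outside_in" [0x0, 0x0]',
    'Feb 22 2013 07:20:01: unrelated line that should be skipped',
]

def same_subnet_denies(lines, segments=SEGMENTS):
    """Return denies whose src and dst share a segment but differ in interface."""
    hits = []
    for line in lines:
        m = DENY_RE.search(line)
        if not m:
            continue
        src = ipaddress.ip_address(m["src_ip"])
        dst = ipaddress.ip_address(m["dst_ip"])
        if m["src_if"] == m["dst_if"]:
            continue
        for net in segments:
            # Same-subnet peers should talk at layer 2, never via the firewall.
            if src in net and dst in net:
                hits.append({
                    "segment": str(net), "proto": m["proto"],
                    "src_if": m["src_if"], "src": str(src),
                    "dst_if": m["dst_if"], "dst": str(dst),
                    "dst_port": int(m["dst_port"]), "acl": m["acl"],
                })
                break
    return hits

if __name__ == "__main__":
    for h in same_subnet_denies(SAMPLE):
        print("same-subnet traffic routed through firewall:", h)
```

Any hit means hosts that share a subnet are being handed to the firewall, so the ARP behaviour on that segment (proxy ARP in this thread) is the first thing to check.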